diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..58a3064
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,4 @@
+.terraform/
+code.desktop 
+terraform/info.txt
+*.tfstate*
diff --git a/scripts/push.sh b/scripts/push.sh
index 1a04a89..a24fce2 100644
--- a/scripts/push.sh
+++ b/scripts/push.sh
@@ -6,6 +6,6 @@ eval $(aws ecr get-login --no-include-email --profile default --region ap-southe
 
 docker build -t wpimage:$SHA .
 
-docker tag wpimage:$SHA 672269152614.dkr.ecr.ap-southeast-2.amazonaws.com/wp-image:$SHA
+docker tag wpimage:$SHA 595875296375.dkr.ecr.ap-southeast-2.amazonaws.com/wp-image:$SHA
 
-docker push 672269152614.dkr.ecr.ap-southeast-2.amazonaws.com/wp-image:$SHA
+docker push 595875296375.dkr.ecr.ap-southeast-2.amazonaws.com/wp-image:$SHA
diff --git a/terraform/ecs.tf b/terraform/ecs.tf
index 0f8f089..fff46d6 100644
--- a/terraform/ecs.tf
+++ b/terraform/ecs.tf
@@ -1,3 +1,13 @@
+# Key-Name
+data "template_file" "ecs_public_key" {
+  template = "${file("~/.ssh/id_rsa.pub")}"
+}
+
+resource "aws_key_pair" "ecs_key_pair" {
+  key_name   = "ecs-key"
+  public_key = "${data.template_file.ecs_public_key.rendered}"
+}
+
 # ECS
 resource "aws_ecs_cluster" "ecs-da-wordpress" {
   name = "${var.project_name}-ecs"
@@ -5,37 +15,49 @@ resource "aws_ecs_cluster" "ecs-da-wordpress" {
 
 # LC
 resource "aws_launch_configuration" "instance-ecs-da" {
-  name     = "${var.project_name}-lc"
-  security_groups = ["${aws_security_group.ecs.id}"]
-
-  image_id             = "${var.image_id}"
-  instance_type        = "${var.instance_type}"
-  iam_instance_profile = "${aws_iam_instance_profile.ecs-instance-role.id}"
-  user_data            = <<EOF
-                    #!/bin/bash
-                    echo ECS_CLUSTER=${aws_ecs_cluster.ecs-da-wordpress.name} >> /etc/ecs/ecs.config
-                    EFS_DIR=/mnt/efs
-                    EFS_ID=${aws_efs_file_system.da-wordpress-efs.id}
-                    mkdir -p $${EFS_DIR}
-                    echo "$${EFS_ID}:/ $${EFS_DIR} efs tls,_netdev" >> /etc/fstab
-                    for i in $(seq 1 20); do mount -a -t efs defaults && break || sleep 60; done
-                          EOF
+  name_prefix = "${var.project_name}-lc"
 
+  image_id                    = "${var.image_id}"
+  instance_type               = "${var.instance_type}"
   associate_public_ip_address = true
 
+  security_groups = ["${aws_security_group.ecs.id}"]
+  key_name        = "sydney-key-pair"
+
+  iam_instance_profile = "${aws_iam_instance_profile.ecs-instance-role.arn}"
+  user_data = <<EOF
+                  #!/bin/bash
+                  echo ECS_CLUSTER=${aws_ecs_cluster.ecs-da-wordpress.name} >> /etc/ecs/ecs.config
+                  mkdir -p /mnt/efs
+                  mount -t efs ${aws_efs_file_system.da-wordpress-efs.id}:/ /mnt/efs
+                EOF
+
   lifecycle {
     create_before_destroy = true
   }
 }
 
+/*
+                    #!/bin/bash
+                    cloud-init-per once install_amazon-efs-utils yum install -y amazon-efs-utils
+                    cloud-init-per once mkdir_efs mkdir /efs
+                    EFS_DIR=/mnt/efs
+                    EFS_ID=${aws_efs_file_system.da-wordpress-efs.id}
+
+                    cloud-init-per once mount_efs echo -e "$${EFS_ID}:/ $${EFS_DIR} efs tls,_netdev" >> /etc/fstab
+                    echo ECS_CLUSTER=${aws_ecs_cluster.ecs-da-wordpress.name} >> /etc/ecs/ecs.config
+*/
+
+
 # ASG
 resource "aws_autoscaling_group" "cluster-asg-da" {
-  name             = "${var.project_name}-asg"
-  vpc_zone_identifier       = ["${aws_subnet.private-wp-a.id}", "${aws_subnet.private-wp-b.id}"]
-  min_size         = 1
-  max_size         = 4
-  desired_capacity = 2
-  launch_configuration      = "${aws_launch_configuration.instance-ecs-da.name}"
+  name                 = "${var.project_name}-asg"
+  vpc_zone_identifier  = ["${aws_subnet.public-wp-a.id}", "${aws_subnet.public-wp-b.id}"]
+  min_size             = 2
+  max_size             = 4
+  desired_capacity     = 2
+  launch_configuration = "${aws_launch_configuration.instance-ecs-da.name}"
+  health_check_type    = "EC2"
   health_check_grace_period = 0
   default_cooldown          = 300
   termination_policies      = ["OldestInstance"]
@@ -47,7 +69,7 @@ resource "aws_autoscaling_group" "cluster-asg-da" {
 }
 
 # ASP
-/*resource "aws_autoscaling_policy" "cluster-asg-da-policy" {
+resource "aws_autoscaling_policy" "cluster-asg-da-policy" {
   name                      = "${var.project_name}-asg-policy"
   policy_type               = "TargetTrackingScaling"
   estimated_instance_warmup = "90"
@@ -56,43 +78,43 @@ resource "aws_autoscaling_group" "cluster-asg-da" {
 
   target_tracking_configuration {
     predefined_metric_specification {
-      predefined_metric_type = "ASGAverageCPUUtilization"
+    predefined_metric_type = "ASGAverageCPUUtilization"
     }
 
     target_value = 40
   }
   
-}*/
-
+}
+/*
 # TD
 resource "aws_ecs_task_definition" "da-ecs-task" {
   family                = var.project_name
-  execution_role_arn = aws_iam_role.ecs-instance-role.arn
+  execution_role_arn    = aws_iam_role.ecs-instance-role.arn
   container_definitions = file("tasks/wp_task_definition.json")
   volume {
     name = "service-storage-wp"
     #host_path = "/mnt/efs/wordpress"
-    
+
     efs_volume_configuration {
       file_system_id = aws_efs_file_system.fs.id
       root_directory = "/mnt/efs/wordpress"
     }
-  } 
+  }
 }
 
 # SV
 resource "aws_ecs_service" "da-ecs-service" {
-  name = "${var.project_name}-sv"
-  cluster = aws_ecs_cluster.ecs-da-wordpress.id
+  name            = "${var.project_name}-sv"
+  cluster         = aws_ecs_cluster.ecs-da-wordpress.id
   task_definition = aws_ecs_task_definition.da-ecs-task.family
-  desired_count = 2
+  desired_count   = 2
   load_balancer {
-      target_group_arn = "${aws_alb_target_group.target-group-alb.arn}"
-      container_name   = "da-wp-task"
-      container_port   = 80
+    target_group_arn = "${aws_alb_target_group.target-group-alb.arn}"
+    container_name   = "da-wp-task"
+    container_port   = 80
   }
 }
-
+*/
 /*<<EOF
                     #!/bin/bash
                     echo ECS_CLUSTER=${aws_ecs_cluster.ecs-da-wordpress.name} >> /etc/ecs/ecs.config
@@ -101,4 +123,5 @@ resource "aws_ecs_service" "da-ecs-service" {
                     echo mkdir -p $${EFS_DIR}
                     echo "$${EFS_ID}:/ $${EFS_DIR} efs tls,_netdev" >> /etc/fstab
                           for i in $(seq 1 20); do mount -a -t efs defaults && break || sleep 60; done
-                          EOF*/
\ No newline at end of file
+                          EOF*/
+
diff --git a/terraform/iam.tf b/terraform/iam.tf
index fda9acf..a053ee8 100644
--- a/terraform/iam.tf
+++ b/terraform/iam.tf
@@ -22,7 +22,55 @@ resource "aws_iam_instance_profile" "ecs-instance-role" {
   role = "${aws_iam_role.ecs-instance-role.name}"
 }
 
-resource "aws_iam_role_policy_attachment" "ecs-service-attach" {
+resource "aws_iam_role_policy_attachment" "ecs-service-attach-a" {
   role       = "${aws_iam_role.ecs-instance-role.name}"
   policy_arn = "arn:aws:iam::aws:policy/service-role/AmazonEC2ContainerServiceforEC2Role"
 }
+
+resource "aws_iam_role_policy_attachment" "ecs-service-attach-b" {
+  role       = "${aws_iam_role.ecs-instance-role.name}"
+  policy_arn = "arn:aws:iam::aws:policy/AmazonSSMReadOnlyAccess"
+}
+resource "aws_iam_role_policy_attachment" "ecs-service-attach-c" {
+  role       = "${aws_iam_role.ecs-instance-role.name}"
+  policy_arn = "arn:aws:iam::aws:policy/service-role/AmazonECSTaskExecutionRolePolicy"
+}
+
+
+
+
+resource "aws_iam_role" "ecs-role" {
+  name = "${var.project_name}-ecs"
+  assume_role_policy = <<EOF
+{
+"Version": "2012-10-17",
+"Statement": [
+  {
+    "Effect": "Allow",
+    "Principal": {
+      "Service": "ecs-tasks.amazonaws.com"
+    },
+    "Action": "sts:AssumeRole"
+  }
+]
+}
+EOF
+}
+
+#resource "aws_iam_instance_profile" "ecs-role" {
+#  name = "${var.project_name}-ecs"
+#  role = "${aws_iam_role.ecs-role.name}"
+#}
+
+resource "aws_iam_role_policy_attachment" "ecs-attach-a" {
+  role       = "${aws_iam_role.ecs-role.name}"
+  policy_arn = "arn:aws:iam::aws:policy/AmazonSSMReadOnlyAccess"
+}
+resource "aws_iam_role_policy_attachment" "ecs-attach-b" {
+  role       = "${aws_iam_role.ecs-role.name}"
+  policy_arn = "arn:aws:iam::aws:policy/service-role/AmazonEC2ContainerServiceforEC2Role"
+}
+resource "aws_iam_role_policy_attachment" "ecs-attach-c" {
+  role       = "${aws_iam_role.ecs-role.name}"
+  policy_arn = "arn:aws:iam::aws:policy/service-role/AmazonECSTaskExecutionRolePolicy"
+}
diff --git a/terraform/lb.tf b/terraform/lb.tf
index 54b3a3f..c2b6053 100644
--- a/terraform/lb.tf
+++ b/terraform/lb.tf
@@ -5,9 +5,7 @@ resource "aws_alb" "alb-da-wordpress" {
   name = "alb-da"
   security_groups = ["${aws_security_group.sg-alb.id}"]
   subnets = ["${aws_subnet.public-wp-a.id}", "${aws_subnet.public-wp-b.id}"]
-  lifecycle {
-    create_before_destroy = true
-  }
+  
 }
 
 # target group
@@ -17,13 +15,16 @@ resource "aws_alb_target_group" "target-group-alb" {
     protocol = "HTTP"
     vpc_id = "${aws_vpc.da-wordpress-vpc.id}"
 
-    depends_on = [aws_alb.alb-da-wordpress]
+    #depends_on = [aws_alb.alb-da-wordpress]
+    lifecycle {
+      create_before_destroy = true
+  }
 }
 
 # port listener
 resource "aws_alb_listener" "albListeners-wp" {
   load_balancer_arn = "${aws_alb.alb-da-wordpress.arn}"
-  port              = "80"
+  port              = 80
   protocol          = "HTTP"
   default_action {
     type = "forward"
diff --git a/terraform/provider.tf b/terraform/provider.tf
index bfdbe63..420b717 100644
--- a/terraform/provider.tf
+++ b/terraform/provider.tf
@@ -3,3 +3,4 @@ provider "aws" {
   region  = "ap-southeast-2"
 }
 
+
diff --git a/terraform/sg.tf b/terraform/sg.tf
index 4289a91..29cdb38 100644
--- a/terraform/sg.tf
+++ b/terraform/sg.tf
@@ -12,8 +12,8 @@ resource "aws_security_group" "ecs" {
   }
 
   ingress {
-    from_port   = 443
-    to_port     = 443
+    from_port   = 22
+    to_port     = 22
     protocol    = "tcp"
     cidr_blocks = ["0.0.0.0/0"]
   }
@@ -77,14 +77,25 @@ resource "aws_security_group" "database" {
 resource "aws_security_group" "sg-alb" {
   name   = "alb-sg"
   vpc_id = "${aws_vpc.da-wordpress-vpc.id}"
+
+  lifecycle {
+    create_before_destroy = true
+  }
 }
 
-resource "aws_security_group_rule" "sg-alb" {
+resource "aws_security_group_rule" "sg-alb-in" {
   type              = "ingress"
-  from_port         = "443"
-  to_port           = "443"
-  protocol          = "tcp"
+  from_port         = 0
+  to_port           = 0
+  protocol          = "-1"
+  cidr_blocks       = ["0.0.0.0/0"]
+  security_group_id = "${aws_security_group.sg-alb.id}"
+}
+resource "aws_security_group_rule" "sg-alb-eg" {
+  type              = "egress"
+  from_port         = 0
+  to_port           = 0
+  protocol          = "-1"
   cidr_blocks       = ["0.0.0.0/0"]
   security_group_id = "${aws_security_group.sg-alb.id}"
 }
-
diff --git a/terraform/tasks.tf b/terraform/tasks.tf
index 683e035..41c08a9 100644
--- a/terraform/tasks.tf
+++ b/terraform/tasks.tf
@@ -1,40 +1,38 @@
 # wordpress
 
 ##### EFS volume #####
-resource "aws_efs_file_system" "fs" {
-    tags = {
-    Name = "ECS-EFS-FS"
-    }
-}
+#resource "aws_efs_file_system" "fs" {
+#    tags = {
+#    Name = "ECS-EFS-FS"
+#    }
+#}
 
 ##### task definition #####
 # describes how a docker container should launch
 data "template_file" "task_definition_json" {
     template = "${file("${path.module}/tasks/wp_task_definition.json")}"
 }
-/*
+
 # It can be thought of as an “instance” of a Task Definition
 resource "aws_ecs_task_definition" "wordpress-app" {
-    family = "ecs-task-wp"
+    family = "ecs-tasks-wp"
     
     container_definitions  = "${data.template_file.task_definition_json.rendered}"
 
     volume {
         name = "service-storage-wp"
 
-        #efs_volume_configuration {
-        #    file_system_id = "${aws_efs_file_system.fs.id}"
-        #    root_directory = "/var/www/html"
-        #    },
-        host_path  = "/mnt/efs"
+        efs_volume_configuration {
+            file_system_id = aws_efs_file_system.da-wordpress-efs.id
+            root_directory = "/"
+            }   
+        #host_path  = "/mnt/efs"
 
     }
-    memory                   = "256"
-    cpu                      = "128"
     requires_compatibilities = ["EC2"]  
-    network_mode     = "awsvpc"
+    #network_mode     = "awsvpc"
    
-    execution_role_arn = "${aws_iam_role.ecs-ec2-role_.arn}"
+    execution_role_arn = "${aws_iam_role.ecs-role.arn}"
 }
 
 
@@ -42,24 +40,23 @@ resource "aws_ecs_task_definition" "wordpress-app" {
 
 resource "aws_ecs_service" "wordpress-app" {
     name = "ecs-wp"
-    cluster = "${aws_ecs_cluster.ecs-da-migration.id}"
-    task_definition = "${aws_ecs_task_definition.wordpress-app.family}"
+    cluster = "${aws_ecs_cluster.ecs-da-wordpress.id}"
+    task_definition = aws_ecs_task_definition.wordpress-app.family
     #iam_role = "${aws_iam_role.ecs-service-role.name}"
     desired_count = 2
-    launch_type   = "EC2"
+    #launch_type   = "EC2"
 
     # attaching an ELB with an ECS service
     load_balancer {
-        target_group_arn = "${aws_alb_target_group.target-group-alb.id}"
+        target_group_arn = "${aws_alb_target_group.target-group-alb.arn}"
         container_name = "da-wp-task"
         container_port = 80
     }
-    depends_on = ["aws_alb_listener.albListeners-wp"]
+    depends_on = ["aws_alb.alb-da-wordpress"]
 
     # providing our containers with public IPs
-    network_configuration {
-    subnets          = ["${aws_subnet.public-wp-a.id}", "${aws_subnet.public-wp-b.id}"]
-    assign_public_ip = true 
-    }
+    #network_configuration {
+    #subnets          = ["${aws_subnet.public-wp-a.id}", "${aws_subnet.public-wp-b.id}"]
+    #assign_public_ip = true 
+    #}
 }
-*/
diff --git a/terraform/tasks/wp_task_definition.json b/terraform/tasks/wp_task_definition.json
index 5252344..cc2e631 100644
--- a/terraform/tasks/wp_task_definition.json
+++ b/terraform/tasks/wp_task_definition.json
@@ -1,31 +1,39 @@
-[{
-    "secrets": [{
-        "name": "DATABASE_PASSWORD",
-        "valueFrom": "/wordpress/WORDPRESS_DB_PASSWORD"
-        },
-        {"name": "DATABASE_USER",
-        "valueFrom": "/wordpress/WORDPRESS_DB_USER"
-        }],
-    "volumesFrom": [],
-    "mountPoints": [
-        {
-            "sourceVolume" : "service-storage-wp",
-            "readOnly"      : false,
-            "ContainerPath" : "/var/www/html/"
-        }],
-    
-    "memory": 128,
-    "portMappings": [
-        {
-            "hostPort": 80,
-            "containerPort": 80,
-            "protocol": "tcp"
-        }
-    ],
-    "essential": true,
-    "name": "da-wp-task",
-    "environment": [],
-    "image": "672269152614.dkr.ecr.ap-southeast-2.amazonaws.com/wp-image:latest",
-    "cpu": 2
-
-}]
+[
+    {
+        "secrets": [
+            {
+                "name": "DATABASE_PASSWORD",
+                "valueFrom": "/wordpress/WORDPRESS_DB_PASSWORD"
+            },
+            {
+                "name": "DATABASE_USER",
+                "valueFrom": "/wordpress/WORDPRESS_DB_USER"
+            },
+            {
+                "name": "DATABASE_HOST",
+                "valueFrom": "/wordpress/WORDPRESS_DB_HOST"
+            }
+        ],
+        "volumesFrom": [],
+        "mountPoints": [
+            {
+                "sourceVolume": "service-storage-wp",
+                "readOnly": false,
+                "ContainerPath": "/var/www/html/"
+            }
+        ],
+        "memory": 128,
+        "portMappings": [
+            {
+                "hostPort": 80,
+                "containerPort": 80,
+                "protocol": "tcp"
+            }
+        ],
+        "essential": true,
+        "name": "da-wp-task",
+        "environment": [],
+        "image": "wp-image:latest",
+        "cpu": 2
+    }
+]
\ No newline at end of file
diff --git a/terraform/variables.tf b/terraform/variables.tf
index 046348e..2731375 100644
--- a/terraform/variables.tf
+++ b/terraform/variables.tf
@@ -55,6 +55,7 @@ variable "azs" {
     default = ["ap-southeast-2a", "ap-southeast-2b"]
 }
 
+
 # the ECS optimized AMI's change by region. You can lookup the AMI here:
 variable "image_id" {
   description = "AMI image_id for ECS instance"
diff --git a/terraform/vpc.tf b/terraform/vpc.tf
index c9c0e20..94241fa 100644
--- a/terraform/vpc.tf
+++ b/terraform/vpc.tf
@@ -9,6 +9,7 @@ resource "aws_vpc" "da-wordpress-vpc" {
 }
 
 resource "aws_eip" "da-wordpress-eip" {
+  count = "${length(var.azs)}"
   vpc = true
 }
 
@@ -19,14 +20,22 @@ resource "aws_internet_gateway" "da-wordpress-igw" {
   }
 }
 
-resource "aws_nat_gateway" "da-wp-nat" {
-  allocation_id           = "${aws_eip.da-wordpress-eip.id}"
-  subnet_id               = "${aws_subnet.public-wp-a.id}"
+resource "aws_nat_gateway" "da-wp-nat-a" {
+  allocation_id = "${aws_eip.da-wordpress-eip[0].id}"
+  subnet_id     = "${aws_subnet.public-wp-a.id}"
   tags = {
     Name = "da-wp-nat"
   }
 }
 
+#resource "aws_nat_gateway" "da-wp-nat-b" {
+#  allocation_id = "${aws_eip.da-wordpress-eip[1].id}"
+#  subnet_id     = "${aws_subnet.public-wp-b.id}"
+#  tags = {
+#    Name = "da-wp-nat"
+#  }
+#}
+
 resource "aws_subnet" "private-wp-a" {
   vpc_id            = "${aws_vpc.da-wordpress-vpc.id}"
   cidr_block        = var.private_subnet-wp-a
@@ -39,7 +48,7 @@ resource "aws_subnet" "private-wp-a" {
 
 resource "aws_subnet" "private-wp-b" {
   vpc_id            = "${aws_vpc.da-wordpress-vpc.id}"
-  cidr_block        =  var.private_subnet-wp-b
+  cidr_block        = var.private_subnet-wp-b
   availability_zone = var.azs[1]
 
   tags = {
@@ -48,9 +57,10 @@ resource "aws_subnet" "private-wp-b" {
 }
 
 resource "aws_subnet" "public-wp-a" {
-  vpc_id            = "${aws_vpc.da-wordpress-vpc.id}"
-  cidr_block        = "${var.public_subnet-wp-a}"
-  availability_zone = var.azs[0]
+  vpc_id                  = "${aws_vpc.da-wordpress-vpc.id}"
+  cidr_block              = "${var.public_subnet-wp-a}"
+  availability_zone       = var.azs[0]
+  map_public_ip_on_launch = true
 
   tags = {
     Name = "public-subnet-a"
@@ -61,6 +71,7 @@ resource "aws_subnet" "public-wp-b" {
   vpc_id            = "${aws_vpc.da-wordpress-vpc.id}"
   cidr_block        = "${var.public_subnet-wp-b}"
   availability_zone = var.azs[1]
+  map_public_ip_on_launch = true
 
   tags = {
     Name = "public-subnet-b"
@@ -70,24 +81,15 @@ resource "aws_subnet" "public-wp-b" {
 resource "aws_route_table" "public-access" {
   vpc_id = "${aws_vpc.da-wordpress-vpc.id}"
 
-  route {
-    cidr_block = "0.0.0.0/0"
-    gateway_id = "${aws_internet_gateway.da-wordpress-igw.id}"
-  }
   tags = {
     Name = "da-wordpress-public"
   }
 }
 
-resource "aws_route_table" "private-access" {
-  vpc_id = "${aws_vpc.da-wordpress-vpc.id}"
-  route {
-    cidr_block = "0.0.0.0/0"
-    nat_gateway_id = "${aws_nat_gateway.da-wp-nat.id}"
-  }
-  tags = {
-    Name = "da-wordpress-private"
-  }
+resource "aws_route" "public_internet_gw" {
+  route_table_id = "${aws_route_table.public-access.id}"
+  destination_cidr_block = "0.0.0.0/0"
+  gateway_id = "${aws_internet_gateway.da-wordpress-igw.id}"
 }
 
 resource "aws_route_table_association" "public-access-a-rt" {
@@ -100,21 +102,43 @@ resource "aws_route_table_association" "public-access-b-rt" {
   route_table_id = "${aws_route_table.public-access.id}"
 }
 
+
+resource "aws_route_table" "private-access" {
+  count = "${length(var.azs)}"
+  vpc_id = "${aws_vpc.da-wordpress-vpc.id}"
+
+  tags = {
+    Name = "da-wordpress-private"
+  }
+}
+
+resource "aws_route" "private_internet_nat-a" {
+  route_table_id = "${aws_route_table.private-access[0].id}"
+  destination_cidr_block = "0.0.0.0/0"
+  nat_gateway_id = "${aws_nat_gateway.da-wp-nat-a.id}"
+}
+
+#resource "aws_route" "private_internet_nat-b" {
+#  route_table_id = "${aws_route_table.private-access[1].id}"
+#  destination_cidr_block = "0.0.0.0/0"
+#  nat_gateway_id = "${aws_nat_gateway.da-wp-nat-b.id}"
+#}
+
 resource "aws_route_table_association" "private-access-a-rt" {
   subnet_id      = aws_subnet.private-wp-a.id
-  route_table_id = "${aws_route_table.private-access.id}"
+  route_table_id = "${aws_route_table.private-access[0].id}"
 }
 
 resource "aws_route_table_association" "private-access-b-rt" {
   subnet_id      = aws_subnet.private-wp-b.id
-  route_table_id = "${aws_route_table.private-access.id}"
+  route_table_id = "${aws_route_table.private-access[1].id}"
 }
 
 resource "aws_network_acl" "public-subnets-acl" {
   vpc_id     = "${aws_vpc.da-wordpress-vpc.id}"
   subnet_ids = [aws_subnet.public-wp-a.id, aws_subnet.public-wp-b.id]
 
-ingress {
+  ingress {
     protocol   = -1
     rule_no    = 100
     action     = "allow"
@@ -142,7 +166,7 @@ resource "aws_network_acl" "private-subnets-acl" {
   vpc_id     = "${aws_vpc.da-wordpress-vpc.id}"
   subnet_ids = [aws_subnet.private-wp-a.id, aws_subnet.private-wp-b.id]
 
-ingress {
+  ingress {
     protocol   = -1
     rule_no    = 100
     action     = "allow"
@@ -163,4 +187,4 @@ ingress {
   tags = {
     Name = "private-subnets-acl"
   }
-}
\ No newline at end of file
+}